engine_appliance_facts - Facts about NGFW Engine appliances, such as hardware and interface status

Synopsis

  • Retrieve specific information about a particular NGFW Engine node or all nodes of an NGFW Engine cluster. Information that can be obtained is general information about the node itself as well as general information, such as filesystem utilization, interfaces and statuses, and current routing tables.

Requirements (on host that executes module)

  • smc-python version 0.6.0 or higher

Options

parameter required default choices comments
case_sensitive
 no True

Whether to do a case sensitive match on the filter specified
exact_match
 no

Whether to do an exact match on the filter specified
filter
 yes

Provide the name of the engine as a filter
items
 no
  • status
  • interfaces
  • filesystem

If you want preferable to view only specific node-level items, you can provide a list of those items individually. If the items parameter is omitted, all items will be returned.
limit
 no 10

Limit the number of results. Set to 0 to remove limit.
nodeid
 no

Only return the details of a specific node by ID. If not provided, all node info is returned
smc_address
 no

FQDN with port of SMC. The default value is the environment variable SMC_ADDRESS
smc_alt_filepath
 no

Provide an alternate path location to read the credentials from. File is expected to be stored in ~.smcrc. If provided, address and api_key settings are not required and will be ignored.
smc_api_key
 no

API key for api client. The default value is the environment variable SMC_API_KEY Required if the address parameter is defined
smc_api_version
 no

Optional SMC API version to connect to. If none is provided, the latest long-term support (LTS) version of the SMC API will be used based on the SMC version. Can be set though the environment variable SMC_API_VERSION
smc_domain
 no

Optional administrative domain in the SMC to log on to. If no domain is provided, 'Shared Domain' is used. Can be set through the environment variable SMC_DOMAIN
smc_extra_args
 no
Extra arguments to pass to the login constructor. These arguments are generally only used if specifically requested by support personnel.
Dictionary object smc_extra_args
parameter required default choices comments
verify
 no True
  • yes
  • no
If the connection to the SMC API is HTTPS, you can set this to True, or provide a path to a client certificate to verify the SMC SSL certificate. You can also explicitly set this to False.
smc_logging
 no
Optionally enable SMC API logging to a file
Dictionary object smc_logging
parameter required default choices comments
path
 yes
Full path to the log file
level
 no
Log level as specified by the standard python logging library, in int format. Default setting is logging.DEBUG.
smc_timeout
 no

Optional timeout for connections to the SMC API. Can be set through the environment variable SMC_TIMEOUT

Examples

- name: Retrieve all stats (hardware, interface, info) for engine sg_vm
  engine_appliance_facts:
    filter: sg_vm

- name: Retrieve all stats (hardware, interface, info) on for node 1
  engine_appliance_facts:
    filter: sg_vm
    nodeid: 1

- name: Retrieve all stats (hardware, interface, info) for node 1 using items
  engine_appliance_facts:
    filter: sg_vm
    nodeid: 1
    items:
    - status
    - filesystem
    - interfaces

- name: Only retrieve engine status facts
  engine_appliance_facts:
    filter: sg_vm
    nodeid: 1
    items:
    - status

Return Values

Return values that are common to all modules are documented in Return Values. The following fields are unique to this module:

name description returned type sample
engines
List of nodes and statuses
 always list [{'status': {'status': 'Online', 'initial_license_remaining_days': 0, 'software_version': '5.7', 'cloud_id': 'N/A', 'installed_policy': 'Standard Firewall Policy with Inspection', 'first_upload_time': 0, 'proof_of_serial': 'xxxxxxxx-xxxxxxxxxx', 'name': 'ngf-1035', 'software_features': 'SECNODE+ALLOWX64=YES+ANTISPAM=YES+ANTIVIRUS=YES+DYNAMIC_ROUTING=YES+USERS=YES+URL_SERVICE2=YES+DEVICECLASS=100+VPN=YES', 'cloud_type': 'NONE', 'dyn_up': '1070', 'hardware_version': '79.1', 'configuration_status': 'Installed', 'platform': 'x86-64-small', 'state': 'READY', 'version': 'version 6.4.1 #20056', 'product_name': '1035-1-C1', 'initial_contact_time': '2016-03-08T21:28:02.263000'}, 'interfaces': [{'status': 'Up', 'name': 'eth0_0', 'mtu': 1500, 'capability': 'Normal Interface', 'flow_control': 'AutoNeg: off Rx: off Tx: off', 'aggregate_is_active': False, 'interface_id': 0, 'port': 'Copper', 'speed_duplex': '1000 Mb/s / Full / Automatic'}, {'status': 'Up', 'name': 'eth0_1', 'mtu': 1500, 'capability': 'Normal Interface', 'flow_control': 'AutoNeg: off Rx: off Tx: off', 'aggregate_is_active': False, 'interface_id': 1, 'port': 'Copper', 'speed_duplex': '1000 Mb/s / Full / Automatic'}, {'status': 'Up', 'name': 'eth0_2', 'mtu': 1500, 'capability': 'Normal Interface', 'flow_control': 'AutoNeg: off Rx: off Tx: off', 'aggregate_is_active': False, 'interface_id': 2, 'port': 'Copper', 'speed_duplex': '1000 Mb/s / Full / Automatic'}, {'status': 'Down', 'name': 'eth0_3', 'mtu': 1500, 'capability': 'Normal Interface', 'flow_control': 'AutoNeg: off Rx: off Tx: off', 'aggregate_is_active': False, 'interface_id': 3, 'port': 'Copper', 'speed_duplex': 'Half / Automatic'}], 'filesystem': [{'status': -1, 'sub_system': 'File Systems', 'param': 'Partition Size', 'value': '600 MB', 'label': 'Root'}, {'status': -1, 'sub_system': 'File Systems', 'param': 'Usage', 'value': '9.8%', 'label': 'Data'}, {'status': -1, 'sub_system': 'File Systems', 'param': 'Size', 'value': '1937 MB', 'label': 'Data'}, {'status': -1, 'sub_system': 'File Systems', 'param': 'Usage', 'value': '14.2%', 'label': 'Spool'}, {'status': -1, 'sub_system': 'File Systems', 'param': 'Size', 'value': '3288 MB', 'label': 'Spool'}, {'status': -1, 'sub_system': 'File Systems', 'param': 'Usage', 'value': '0.0%', 'label': 'Tmp'}, {'status': -1, 'sub_system': 'File Systems', 'param': 'Size', 'value': '1926 MB', 'label': 'Tmp'}, {'status': -1, 'sub_system': 'File Systems', 'param': 'Usage', 'value': '7.4%', 'label': 'Swap'}, {'status': -1, 'sub_system': 'File Systems', 'param': 'Size', 'value': '943 MB', 'label': 'Swap'}, {'status': -1, 'sub_system': 'Logging subsystem', 'param': 'Sending (entries / s)', 'value': '21', 'label': 'Log rates (average over 30 s)'}], 'nodeid': 2, 'name': 'ngf-1035'}]


Notes

Note

  • If a filter is not used in the query, this will return all results for the element type specified. The return data in this case will only contain the metadata for the element which will be name and type. To get detailed information about an element, use a filter. When using filters on network or service elements, the filter value will search the element fields, for example, you could use a filter of ‘1.1.1.1’ when searching for hosts and all hosts with this IP will be returned. The same applies for services. If you are unsure of the service name but know the port you require, your filter can be by port.

Author

  • Forcepoint

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.